<?php
/*
Author: Øyvind MK
Project: EBBS
*//**********************Description**********************/

include 'library/init.php';
include 'library/header.php';


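// Profile-edit POST handler: re-encodes an optional portrait upload as a
// thumbnail that fits inside $maxwidth x $maxheight, then writes the submitted
// profile fields to the `user` table.
$error = false;
$maxheight = 200;
$maxwidth = 200;
$imagevariable = null;

if (isset($_POST['profileChanged'])) {
    // Always edit the account that owns this session. The UserID form field is
    // client-controlled; using it in the WHERE clause would let any visitor
    // overwrite another user's profile, password included.
    // NOTE(review): assumes $user (set up by library/init.php) is the
    // authenticated user, and that no anti-CSRF token check happens there
    // either; none is checked in this handler -- confirm.
    $id = $user->getID();

    $portraitRejected = false;
    $tmpName = (isset($_FILES['Portrait']['tmp_name']) && is_string($_FILES['Portrait']['tmp_name']))
        ? $_FILES['Portrait']['tmp_name']
        : '';
    if ($tmpName !== '' && is_uploaded_file($tmpName)) {
        // getimagesize() returns false for anything that is not a recognised
        // image; zero dimensions would otherwise cause a division by zero.
        // NOTE(review): no upper bound on the source dimensions is enforced
        // here, so a very large image is decoded fully in memory.
        $size = getimagesize($tmpName);
        $source = false;
        if ($size !== false && $size[0] > 0 && $size[1] > 0) {
            $bytes = file_get_contents($tmpName);
            $source = is_string($bytes) ? imagecreatefromstring($bytes) : false;
        }

        if ($source === false) {
            $portraitRejected = true;
        } else {
            list($width, $height) = $size;
            // Scale by the larger ratio so both sides fit inside the bounds.
            $factor = max($height / $maxheight, $width / $maxwidth);
            // GD expects whole pixels, at least one per side.
            $new_width = max(1, (int) round($width / $factor));
            $new_height = max(1, (int) round($height / $factor));

            $image_p = imagecreatetruecolor($new_width, $new_height);
            imagecopyresampled($image_p, $source, 0, 0, 0, 0, $new_width, $new_height, $width, $height);

            // Only the re-encoded JPEG is stored, never the uploaded bytes.
            ob_start();
            imagejpeg($image_p);
            $jpeg = ob_get_clean();
            if (is_string($jpeg) && $jpeg !== '') {
                $imagevariable = $jpeg;
            } else {
                $portraitRejected = true;
            }
        }
    }

    // Column names come from this fixed list only; request data is always
    // passed as a bound parameter.
    $assignments = [];
    $values = [':UserID' => $id];
    foreach (['FirstName', 'LastName', 'Email', 'WebURL', 'BlogTitle'] as $column) {
        $assignments[] = $column . '=:' . $column;
        $values[':' . $column] = (isset($_POST[$column]) && is_string($_POST[$column])) ? $_POST[$column] : '';
    }

    // An empty password field keeps the current password instead of blanking it.
    // NOTE(review): the password is stored exactly as submitted. Moving to
    // password_hash() has to be done together with the login check (not
    // visible in this file), which would need password_verify().
    $password = (isset($_POST['Password']) && is_string($_POST['Password'])) ? $_POST['Password'] : '';
    if ($password !== '') {
        $assignments[] = 'Password=:Password';
        $values[':Password'] = $password;
    }

    // Leave the stored portrait untouched unless a usable image was uploaded.
    if ($imagevariable !== null) {
        $assignments[] = 'Portrait=:Portrait';
        $values[':Portrait'] = $imagevariable;
    }

    $sth = $db->prepare('UPDATE user SET ' . implode(', ', $assignments) . ' WHERE UserID=:UserID');
    foreach (array_keys($values) as $placeholder) {
        // bindParam() binds by reference, so bind the array slot itself.
        $sth->bindParam($placeholder, $values[$placeholder]);
    }
    $sth->execute();

    $updated = $portraitRejected
        ? 'Profile updated, but the uploaded file could not be used as a portrait'
        : 'Profile updated';

    // library/header.php is included before this point, so output may already
    // have been sent; in that case fall through and render the page with the
    // status message instead of a redirect that cannot be delivered.
    if (!$portraitRejected && !headers_sent()) {
        header('location:blog.php?id=' . urlencode((string) $id));
        exit;
    }
}
// A UserID query parameter is deliberately ignored: this page only ever edits
// the profile of the user returned by $user->getID().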
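// Load the stored profile of the current user ($user->getID()) so the form
// below can be pre-filled.
$id = $user->getID();
$sql = 'SELECT * FROM user WHERE UserID=:UserID';
$sth = $db->prepare($sql);
$sth->bindParam(':UserID', $id);
$sth->execute();
$row = $sth->fetch();

// fetch() yields a non-array value when no row matches; fall back to empty
// strings rather than reading offsets from it.
$profile = is_array($row) ? $row : [];
$FirstName = isset($profile['FirstName']) ? $profile['FirstName'] : '';
$LastName = isset($profile['LastName']) ? $profile['LastName'] : '';
// NOTE(review): the stored password is loaded only because the form echoes it
// back into the page; this should go once passwords are hashed.
$Password = isset($profile['Password']) ? $profile['Password'] : '';
$BlogTitle = isset($profile['BlogTitle']) ? $profile['BlogTitle'] : '';
$Email = isset($profile['Email']) ? $profile['Email'] : '';
$WebURL = isset($profile['WebURL']) ? $profile['WebURL'] : '';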


?>


<h1>Edit profile</h1>
<?php
// Status banner: printed only when the POST handler above has set $updated.
if (isset($updated)) {
    echo '<h2>' . $updated . '</h2>';
}
?>
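<?php
// Every value below originates from user-editable profile data, so it is
// HTML-escaped before being placed inside an attribute; unescaped output here
// would allow stored markup or script to run in the page.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};
?>
<form method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="UserID" value="<?php echo $esc($id); ?>"/>
<label for="FirstName">FirstName</label>
<input type="text" id="FirstName" name="FirstName" value="<?php echo $esc($FirstName); ?>"/><br/>
<label for="LastName">LastName</label>
<input type="text" id="LastName" name="LastName" value="<?php echo $esc($LastName); ?>"/><br/>
<label for="Password">New Password</label>
<?php
// NOTE(review): the stored password is written into the page source here. It
// is kept because the save handler overwrites the password with whatever this
// field submits; stop pre-filling it once the handler treats an empty value as
// "keep the current password".
?>
<input type="text" id="Password" name="Password" value="<?php echo $esc($Password); ?>"/><br/>
<label for="BlogTitle">Blog Title</label>
<input type="text" id="BlogTitle" name="BlogTitle" value="<?php echo $esc($BlogTitle); ?>"/><br/>
<label for="Email">Email</label>
<input type="text" id="Email" name="Email" value="<?php echo $esc($Email); ?>"/><br/>
<label for="WebURL">WebURL</label>
<input type="text" id="WebURL" name="WebURL" value="<?php echo $esc($WebURL); ?>"/><br/>
<label for="Portrait">Bilde</label>
<input type="file" id="Portrait" name="Portrait" title="bilde"><br/>

<input type="submit" name="profileChanged" value="Save"/>


<br><a href="blog.php?id=<?php echo $esc(urlencode((string) $id)); ?>">Blog</a>
</form>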

<?php
include 'library/sidebar.php';
include 'library/footer.php';